Re: Debian Server restored after Compromise

To: Andreas Tille <tillea@rki.de>
Cc: debian-project@lists.debian.org
Subject: Re: Debian Server restored after Compromise
From: Kurt Roeckx <kurt@roeckx.be>
Date: Thu, 13 Jul 2006 23:01:44 +0200
Message-id: <[🔎] 20060713210144.GA19633@roeckx.be>
In-reply-to: <[🔎] Pine.LNX.4.62.0607132246520.16445@wr-linux02>
References: <20060713175452.GS1655@finlandia.home.infodrom.org> <[🔎] 20060713181827.GA4595@localhost.localdomain> <[🔎] Pine.LNX.4.62.0607132246520.16445@wr-linux02>

On Thu, Jul 13, 2006 at 10:49:04PM +0200, Andreas Tille wrote:
> On Thu, 13 Jul 2006, Bas Zoetekouw wrote:
> 
> >Or maybe only allow pubkey ssh authentication?
> 
> I'd vote for it and I use it since the last break in exclusively.
> The only drawback is that the mail interface to db.d.o is
> somewhat broken but if more people use it the pressure to fix
> it might increase.

When I wanted to mail my ssh key, I had to first log in on master
(with my password) to be able to send the mail from there.  The
script doesn't handle mime, and my ssh key is longer then 1024
chars so you can't really send it over smtp as 1 line.  I think
exim allows it or something, making it work if you send it from
master.

But I guess you're talking about setting other things you can do
thru the website, for which the password is required too.

Kurt

Reply to:

References:
- Re: Debian Server restored after Compromise
  - From: Bas Zoetekouw <bas@debian.org>
- Re: Debian Server restored after Compromise
  - From: Andreas Tille <tillea@rki.de>

Prev by Date: Re: Debian Server restored after Compromise
Next by Date: Re: Fundamental flaw in bug reporting system
Previous by thread: Re: Debian Server restored after Compromise
Next by thread: Re: Debian Server restored after Compromise
Index(es):
- Date
- Thread